The Pegasus spyware incident has raised significant concerns about privacy and surveillance globally, particularly in India. Developed by the Israeli firm NSO Group, Pegasus spyware can infiltrate mobile devices to access a wide range of data, including location, contacts, messages, browsing history, and even control the device's camera and microphone. The widespread use of this spyware has brought to light the limitations of current surveillance laws in India and has intensified the debate on the right to privacy.
Pegasus spyware is a powerful tool that has been used to target and steal data from the phones of individuals worldwide. According to reports, approximately 1500 phones were compromised globally, with forensic analysis revealing that 155 individuals in India were targeted. These individuals included journalists, businesspeople, political figures, opposition party leaders, lawyers, electoral commission officials, foreign diplomats, and intellectuals.
Despite the alarming nature of these findings, the Indian government has neither confirmed nor denied the use of Pegasus spyware. This lack of transparency has heightened concerns about unlawful surveillance and cybersecurity breaches, prompting many RTI activists to seek information from the government, which has consistently evaded direct answers.
The right to privacy is a fundamental human right enshrined in Article 21 of the Indian Constitution. However, the Pegasus incident has exposed the potential for misuse of surveillance tools and the inadequacies of existing privacy laws. Current legislation recognizes the right to privacy as a natural and inalienable right, but there is a significant gap in the laws governing the collection, processing, disclosure, and use of personal information.
To address these issues, the Indian government introduced the Personal Data Protection Bill, 2019. This bill aims to establish policies that regulate the collection and use of personal data, thereby providing stronger protections against unauthorized surveillance and third-party access to personal information.
In response to the Pegasus revelations, numerous RTI activists filed queries to uncover details about the use of the spyware by Indian authorities. One such activist, Saurav Das, requested information from the Ministry of Home Affairs regarding any purchase or use of Pegasus spyware. However, the government refused to provide the requested information, citing national security concerns under Section 8(1)(a) of the RTI Act, 2005.
The refusal to disclose information has led to calls for greater transparency and accountability in the use of surveillance tools. The Supreme Court of India has intervened, directing a probe into the matter by a three-member technical committee overseen by Justice R.V. Raveendran, a retired judge of the Supreme Court. This committee is tasked with conducting an inquiry and submitting a report to the Supreme Court.
The issue of electronic evidence has come to the forefront due to the Pegasus spyware incident. Sections 65A and 65B of the Indian Evidence Act provide the legal framework for the admissibility of electronic records. However, there has been considerable debate over the interpretation and application of these sections.
According to Section 65B, electronic records must be accompanied by a certificate identifying the electronic record and detailing the device used to produce it. This certificate must be signed by a person responsible for the operation of the device. The Supreme Court has clarified in several rulings, including Arjun Panditrao Khotkar v. Kailash Kishanrao Goratyal, that compliance with Section 65B is mandatory for the admissibility of electronic evidence.
The Pegasus spyware incident underscores the urgent need for robust privacy laws and greater accountability in the use of surveillance tools. While technology has significantly enhanced convenience and communication, it has also introduced new challenges in protecting individual privacy.
The right to privacy is a fundamental human right that must be safeguarded against unlawful surveillance. The introduction of the Personal Data Protection Bill, 2019, is a step in the right direction, but further legal reforms are necessary to ensure comprehensive protection of personal data. Additionally, the government must provide transparency and accountability in its surveillance practices to maintain public trust and uphold democratic principles.
Leave a comment